Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.mft
File: zRQ2kCMKRApot6iqmCefL2Xf7ig.mft (raw, json)
Hash identifier: j7tp1g6PR5ZE7LlrDOGSMFSFD6s0Z4l3hyFD+OLHFZQ=
Subject key identifier: E7:7F:FE:58:DC:C4:03:8A:FE:2A:3F:8E:40:81:A3:1B:22:D1:35:8F
Authority key identifier: CD:14:36:90:23:0A:44:0A:68:B7:A8:AA:98:27:9F:2F:65:DF:EE:28
Certificate issuer: /CN=cd143690230a440a68b7a8aa98279f2f65dfee28
Certificate serial: 019D3752C5EEDD18D00E275344FF741C1195
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRQ2kCMKRApot6iqmCefL2Xf7ig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.mft
Manifest number: 1591
Signing time: Sun 29 Mar 2026 02:01:04 +0000
Manifest this update: Sun 29 Mar 2026 02:01:04 +0000
Manifest next update: Mon 30 Mar 2026 02:01:04 +0000
Files and hashes: 1: beStaP3U9BouVtR6HKL7Bht809g.roa (hash: 9C0Yz+gtWBKD86eXJ/yNK0jQEWAJqpkTW4DLxbpVN08=)
2: zRQ2kCMKRApot6iqmCefL2Xf7ig.crl (hash: dTTJORwjP5qvcSjuha1zsa2eoLgDTtA7fFMXhMcw5VE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.mft
rsync://rpki.ripe.net/repository/DEFAULT/zRQ2kCMKRApot6iqmCefL2Xf7ig.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Mar 2026 02:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:37:52:c5:ee:dd:18:d0:0e:27:53:44:ff:74:1c:11:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd143690230a440a68b7a8aa98279f2f65dfee28
Validity
Not Before: Mar 29 02:01:04 2026 GMT
Not After : Mar 30 02:01:04 2026 GMT
Subject: CN=e77ffe58dcc4038afe2a3f8e4081a31b22d1358f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f3:11:c2:f4:27:47:f1:09:d9:c1:fc:6a:ec:
db:f8:0a:80:12:fd:71:79:01:cf:b6:27:97:3b:9e:
eb:e6:e2:17:6b:3a:25:70:04:ba:b2:33:7a:e9:ad:
5b:05:0a:ca:42:96:ce:2a:f0:e4:1a:b9:61:58:27:
cf:dc:89:45:ed:89:aa:e7:e9:88:5f:db:07:fc:6d:
6d:9d:d1:78:dd:90:55:3e:60:be:4e:bc:67:19:17:
6a:68:45:dd:b6:18:83:1e:d5:22:b6:e4:86:31:62:
29:7f:9e:3d:08:94:f1:fa:8e:ea:cf:69:26:2c:3f:
6b:7d:61:d7:d4:1f:0e:51:0f:e9:8a:5d:15:58:53:
f2:6e:c3:a8:c7:bd:a4:c1:9a:f9:13:a2:e8:67:3c:
e1:ac:63:1a:cc:81:5c:5e:0c:c2:3e:5c:5a:aa:6a:
69:13:70:81:45:b9:9d:25:15:a4:ec:96:82:a9:29:
36:66:8e:16:61:db:d7:b3:ef:07:7d:b6:75:52:cc:
f4:e1:dd:ca:51:27:0d:1a:d4:48:04:2f:ff:05:84:
c3:e7:e8:c1:21:95:9d:e6:2a:a3:49:e3:83:d7:62:
44:18:91:b7:46:9d:ba:ad:d6:11:c3:53:de:45:84:
6a:99:11:18:37:fd:ca:a7:ec:20:4f:85:e0:24:86:
3e:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:7F:FE:58:DC:C4:03:8A:FE:2A:3F:8E:40:81:A3:1B:22:D1:35:8F
X509v3 Authority Key Identifier:
keyid:CD:14:36:90:23:0A:44:0A:68:B7:A8:AA:98:27:9F:2F:65:DF:EE:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRQ2kCMKRApot6iqmCefL2Xf7ig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
24:ae:58:4c:2f:75:4e:d0:77:d7:8e:99:de:cc:e8:bf:6e:90:
bb:f3:45:7f:43:60:04:b5:ad:f8:97:f4:31:bb:54:60:d6:63:
25:e8:2a:87:a7:11:90:58:80:4d:06:be:21:32:5c:66:86:b3:
b0:3f:f5:3b:12:b3:e8:e6:7f:0b:5c:29:53:40:27:a5:94:74:
3c:b2:6a:d2:66:09:23:fa:92:07:93:58:2d:98:81:a8:f8:3e:
36:37:b9:76:c9:6c:45:21:fc:97:fc:f3:0a:52:18:82:3f:99:
76:ca:d2:bc:9c:e7:50:f4:49:f6:5c:06:a0:11:8f:24:3f:c8:
26:7c:2b:c0:39:8f:bf:f2:8b:3c:c4:05:11:7c:6a:9a:55:5b:
bb:62:1f:ff:9f:89:fb:c5:5c:b9:bc:51:50:d5:85:2c:b5:bd:
d2:bf:31:95:d8:20:5c:bd:34:8f:90:6b:c4:78:29:71:c3:44:
92:25:6b:e9:71:45:49:28:9f:9e:62:de:cb:31:4e:96:bb:4f:
dc:c6:34:60:a2:c5:6f:17:64:24:37:45:d5:78:88:17:f6:2b:
e6:5a:4a:bc:1c:a3:f5:ca:03:57:9c:57:c0:f2:6b:8d:87:36:
05:4e:b5:cc:33:78:d8:7f:61:7e:a0:ff:30:f0:e4:d1:a8:55:
36:a7:d2:e6
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZ03UsXu3RjQDidTRP90HBGVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTQzNjkwMjMwYTQ0MGE2OGI3YThhYTk4Mjc5ZjJmNjVk
ZmVlMjgwHhcNMjYwMzI5MDIwMTA0WhcNMjYwMzMwMDIwMTA0WjAzMTEwLwYDVQQD
EyhlNzdmZmU1OGRjYzQwMzhhZmUyYTNmOGU0MDgxYTMxYjIyZDEzNThmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufMRwvQnR/EJ2cH8auzb+AqAEv1x
eQHPtieXO57r5uIXazolcAS6sjN66a1bBQrKQpbOKvDkGrlhWCfP3IlF7Ymq5+mI
X9sH/G1tndF43ZBVPmC+TrxnGRdqaEXdthiDHtUituSGMWIpf549CJTx+o7qz2km
LD9rfWHX1B8OUQ/pil0VWFPybsOox72kwZr5E6LoZzzhrGMazIFcXgzCPlxaqmpp
E3CBRbmdJRWk7JaCqSk2Zo4WYdvXs+8HfbZ1Usz04d3KUScNGtRIBC//BYTD5+jB
IZWd5iqjSeOD12JEGJG3Rp26rdYRw1PeRYRqmREYN/3Kp+wgT4XgJIY+XwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFOd//ljcxAOK/io/jkCBoxsi0TWPMB8GA1UdIwQY
MBaAFM0UNpAjCkQKaLeoqpgnny9l3+4oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJRMmtDTUtSQXBvdDZpcW1DZWZMMlhmN2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8wOTQ1NmUtYTcxYy00M2IzLWJkNDAt
OGVlM2Q5OGNhZDViLzEvelJRMmtDTUtSQXBvdDZpcW1DZWZMMlhmN2lnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8wOTQ1NmUtYTcxYy00M2IzLWJkNDAtOGVlM2Q5OGNhZDVi
LzEvelJRMmtDTUtSQXBvdDZpcW1DZWZMMlhmN2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAJK5YTC91
TtB3146Z3szov26Qu/NFf0NgBLWt+Jf0MbtUYNZjJegqh6cRkFiATQa+ITJcZoaz
sD/1OxKz6OZ/C1wpU0AnpZR0PLJq0mYJI/qSB5NYLZiBqPg+Nje5dslsRSH8l/zz
ClIYgj+ZdsrSvJznUPRJ9lwGoBGPJD/IJnwrwDmPv/KLPMQFEXxqmlVbu2If/5+J
+8VcubxRUNWFLLW90r8xldggXL00j5BrxHgpccNEkiVr6XFFSSifnmLeyzFOlrtP
3MY0YKLFbxdkJDdF1XiIF/Yr5lpKvByj9coDV5xXwPJrjYc2BU61zDN42H9hfqD/
MPDk0ahVNqfS5g==
-----END CERTIFICATE-----
Generated at Sun Mar 29 12:31:10 2026 by rpki-client